package com.sangmo.boot.framework.common.security;

import com.sangmo.boot.framework.api.utils.ApiResponse;
import com.sangmo.boot.framework.common.errors.StandardErrors;
import com.sangmo.boot.framework.common.i18n.MessageMaker;
import com.sangmo.boot.framework.common.security.meta.AccessLimit;
import com.sangmo.boot.framework.common.session.UserSession;
import com.sangmo.boot.framework.common.utils.JsonUtils;
import com.sangmo.boot.framework.plugin.redis.cache.RedisCache;
import com.sangmo.boot.framework.plugin.redis.client.IRedisClient;
import com.sangmo.boot.framework.plugin.redis.client.impl.DefaultRedisClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.OutputStream;

//@Component
public class AccessLimitInterceptor extends HandlerInterceptorAdapter {

    @Autowired
    private IRedisClient redisClient;

    @Autowired
    private MessageMaker messageMaker;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        //判断请求是否属于方法的请求
        if(handler instanceof HandlerMethod){

            HandlerMethod hm = (HandlerMethod) handler;

            //获取方法中的注解,看是否有该注解
            AccessLimit accessLimit = hm.getMethodAnnotation(AccessLimit.class);
            if(accessLimit == null){
                return true;
            }
            int seconds = accessLimit.seconds();
            int maxCount = accessLimit.maxCount();
            boolean login = accessLimit.needLogin();
            String key = request.getRequestURI();
            //如果需要登录
            if(login){
                //获取登录的session进行判断
                Long currentUserId = (Long) UserSession.getUserInterface().getId();
                key+=""+currentUserId;  //这里假设用户是1,项目中是动态获取的userId
            }

            //从redis中获取用户访问的次数
            Integer count = (Integer) redisClient.get(key);
            if(count == null){
                //第一次访问
                redisClient.set(key,1, seconds);
            }else if(count < maxCount){
                //加1
                redisClient.incr(key);
            }else{
                //超出访问次数
                render(response,"error.framework.accessLimit.reached"); //这里的CodeMsg是一个返回参数
                return false;
            }
        }

        return true;

    }
    private void render(HttpServletResponse response, String msg)throws Exception {
        response.setContentType("application/json;charset=UTF-8");
        OutputStream out = response.getOutputStream();
        String str  = JsonUtils.writeValue(ApiResponse.make(StandardErrors.EXTERNAL_ERROR.getStatus(), messageMaker.make(msg), null));
        out.write(str.getBytes("UTF-8"));
        out.flush();
        out.close();
    }
}
